sshd and tcpwrappers

On Tue, 2004-02-03 at 23:16, P.R. wrote:
> Hi
>> I want to know if sshd uses the tcpwrappers (hosts.allow etc)
> functionality by default = when following the book.
>> There is a switch in the configure-script: --with-tcp-wrappers.
> I think it wouldnt be there if not needed, so I don't think sshd will
> NOT utilize tcpd, unless I recompile it again.
>> Is this right or wrong?
>> I found this message from last July
>>http://archives.linuxfromscratch.org/mail-archives/blfs-support/2003-July/031854.html>> and I think even more I have to recompile and reinstall sshd again :-/
>> I also think it should be at least mentioned with one short one sentence
> in the book, because this is a basic feature.
>> Greetings
> Peter
Personally, using tcp-wrappers with sshd is a BadThing (TM). TCP
wrappers works by wrapping the binary by the tcpd program in inetd - and
sshd shouldn't EVER be run via inetd - I forget the details, but
something about excessive key generation or something to that effect -
you can definately find more information on the web about it.
Or, I suppose I could be completely misunderstanding how tcp-wrappers
works, and might be way off base.
-J-